Organization
This commit is contained in:
parent
d74450ebac
commit
4128e63832
4
main.tex
4
main.tex
@ -39,7 +39,6 @@
|
|||||||
\usepackage{amsthm} % For theorem style
|
\usepackage{amsthm} % For theorem style
|
||||||
\usepackage{thmtools}
|
\usepackage{thmtools}
|
||||||
\usepackage{thm-restate}
|
\usepackage{thm-restate}
|
||||||
\usepackage[capitalise]{cleveref}
|
|
||||||
\usepackage{comment}
|
\usepackage{comment}
|
||||||
\usepackage{tikz}
|
\usepackage{tikz}
|
||||||
\usetikzlibrary{positioning,patterns,shapes}
|
\usetikzlibrary{positioning,patterns,shapes}
|
||||||
@ -49,6 +48,9 @@
|
|||||||
\declaretheorem[sibling=theorem]{lemma}
|
\declaretheorem[sibling=theorem]{lemma}
|
||||||
\declaretheorem[numberwithin=chapter,style=definition]{definition}
|
\declaretheorem[numberwithin=chapter,style=definition]{definition}
|
||||||
|
|
||||||
|
% References
|
||||||
|
\usepackage[capitalise]{cleveref}
|
||||||
|
|
||||||
\usepackage{pdfpages}
|
\usepackage{pdfpages}
|
||||||
\usepackage{xspace}
|
\usepackage{xspace}
|
||||||
|
|
||||||
|
@ -62,7 +62,7 @@ In order to define the $\SIVP$ problem and assumption, let us first define the s
|
|||||||
where $\mathcal B(\mathbf c, r)$ denotes the ball of radius $r$ centered in $\mathbf c$.
|
where $\mathcal B(\mathbf c, r)$ denotes the ball of radius $r$ centered in $\mathbf c$.
|
||||||
\end{definition}
|
\end{definition}
|
||||||
|
|
||||||
Which leads us to the $\SIVP$ problem, which is finding a set of sufficiently short linearly independent vectors given a lattice basis.
|
This leads us to the $\SIVP$ problem, which is finding a set of sufficiently short linearly independent vectors given a lattice basis.
|
||||||
|
|
||||||
\begin{definition}[$\SIVP$] \label{de:sivp}
|
\begin{definition}[$\SIVP$] \label{de:sivp}
|
||||||
For a dimension $n$ lattice described by a basis $\mathbf B \in \RR^{n \times m}$, and a parameter $\gamma > 0$, the shortest independent vectors problem is to find $n$ linearly independent vectors $v_1, \ldots, v_n$ such that $\| v_1 \| \leq \| v_2 \| \leq \ldots \leq \| v_n \|$ and $\|v_n\| \leq \gamma \cdot \lambda_n(\mathbf B)$.
|
For a dimension $n$ lattice described by a basis $\mathbf B \in \RR^{n \times m}$, and a parameter $\gamma > 0$, the shortest independent vectors problem is to find $n$ linearly independent vectors $v_1, \ldots, v_n$ such that $\| v_1 \| \leq \| v_2 \| \leq \ldots \leq \| v_n \|$ and $\|v_n\| \leq \gamma \cdot \lambda_n(\mathbf B)$.
|
||||||
@ -73,10 +73,8 @@ In other words, it means that no polynomial time algorithms can solve those prob
|
|||||||
%As explained before, we will rely on the assumption that both algorithmic problems below are hard. Meaning that no (probabilistic) polynomial time algorithms can solve them with non-negligible probability and non-negligible advantage, respectively.
|
%As explained before, we will rely on the assumption that both algorithmic problems below are hard. Meaning that no (probabilistic) polynomial time algorithms can solve them with non-negligible probability and non-negligible advantage, respectively.
|
||||||
|
|
||||||
\begin{definition}[The $\SIS$ problem] \label{de:sis} \index{Lattices!Short Integer Solution}
|
\begin{definition}[The $\SIS$ problem] \label{de:sis} \index{Lattices!Short Integer Solution}
|
||||||
Let~$m,q,\beta$ be functions of~$n \in \mathbb{N}$. The Short Integer
|
Let~$m,q,\beta$ be functions of~$n \in \mathbb{N}$.
|
||||||
Solution problem $\SIS_{n,m,q,\beta}$ is, given~$\mathbf{A} \sample
|
The Short Integer Solution problem $\SIS_{n,m,q,\beta}$ is, given~$\mathbf{A} \sample U(\Zq^{n \times m})$, find~$\mathbf{x} \in \Lambda_q^{\perp}(\mathbf{A})$ with~$0 < \|\mathbf{x}\| \leq \beta$.
|
||||||
U(\Zq^{n \times m})$, find~$\mathbf{x} \in \Lambda_q^{\perp}(\mathbf{A})$
|
|
||||||
with~$0 < \|\mathbf{x}\| \leq \beta$.
|
|
||||||
\end{definition}
|
\end{definition}
|
||||||
|
|
||||||
If~$q \geq \sqrt{n} \beta$ and~$m,\beta \leq \mathsf{poly}(n)$, then $\SIS_{n,m,q,\beta}$ is at least as hard as
|
If~$q \geq \sqrt{n} \beta$ and~$m,\beta \leq \mathsf{poly}(n)$, then $\SIS_{n,m,q,\beta}$ is at least as hard as
|
||||||
|
Loading…
Reference in New Issue
Block a user